www.myhspa.org Open in urlscan Pro
192.124.249.58 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u83566.ct.sendgrid.net/ls/click?upn=dEXb4jQwCrgLFa-2FLBqAxeqZsz9Nfw1HjkcXyJ1Dqec-2BaFBZjn3PJHkdEnRzsCy78YogqwqfKeUr0i-2...
Effective URL:
https://www.myhspa.org/certification/stay-certified.html
Submission: On November 03 via api (November 3rd 2022, 1:47:21 pm UTC) from US — Scanned from DE

Summary HTTP 66 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 14 domains to perform 66 HTTP transactions. The main IP is 192.124.249.58, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is www.myhspa.org.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on January 4th 2022. Valid for: a year.

This is the only time www.myhspa.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.115.54 167.89.115.54	11377 (SENDGRID) (SENDGRID)
17	192.124.249.58 192.124.249.58	30148 (SUCURI-SEC) (SUCURI-SEC)
19	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f04... 2a03:2880:f045:10:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:303... 2606:4700:3037::6815:52a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f14... 2a03:2880:f145:82:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
4	3.223.17.26 3.223.17.26	14618 (AMAZON-AES) (AMAZON-AES)
1	13.227.153.123 13.227.153.123	16509 (AMAZON-02) (AMAZON-02)
4	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
66	16

1 167.89.115.54 (Herndon, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789115x54.outbound-mail.sendgrid.net

u83566.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 192.124.249.58 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10058.sucuri.net

www.myhspa.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.18.70.113 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:52a3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f145:82:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.sk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.223.17.26 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-17-26.compute-1.amazonaws.com

polo.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.153.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-153-123.muc51.r.cloudfront.net

marco.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.51.111 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

iahcsmm.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2849 ekr.zdassets.com — Cisco Umbrella Rank: 3330	867 KB
17	myhspa.org www.myhspa.org	850 KB
7	gstatic.com fonts.gstatic.com	145 KB
6	feathr.co cdn.feathr.co — Cisco Umbrella Rank: 38841 polo.feathr.co — Cisco Umbrella Rank: 25457 marco.feathr.co — Cisco Umbrella Rank: 26899	54 KB
4	zendesk.com iahcsmm.zendesk.com	3 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 264 stats.g.doubleclick.net — Cisco Umbrella Rank: 166	129 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	203 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	112 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 97	20 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 457	265 B
1	google.sk www.google.sk — Cisco Umbrella Rank: 19367	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 17	501 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 121	38 KB
1	sendgrid.net 1 redirects u83566.ct.sendgrid.net	259 B
66	14

	Domain	Requested by
17	static.zdassets.com	www.myhspa.org static.zdassets.com
17	www.myhspa.org	www.myhspa.org
7	fonts.gstatic.com	www.myhspa.org
4	iahcsmm.zendesk.com	static.zdassets.com
4	polo.feathr.co	cdn.feathr.co
2	www.facebook.com	www.myhspa.org
2	connect.facebook.net	www.myhspa.org connect.facebook.net
2	ekr.zdassets.com	static.zdassets.com
2	securepubads.g.doubleclick.net	www.myhspa.org
2	www.google-analytics.com	www.myhspa.org www.google-analytics.com
1	match.adsrvr.org
1	marco.feathr.co	www.myhspa.org
1	www.google.sk	www.myhspa.org
1	www.google.com	www.myhspa.org
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.feathr.co	www.myhspa.org
1	www.googletagmanager.com	www.myhspa.org
1	u83566.ct.sendgrid.net	1 redirects
66	18

This site contains links to these domains. Also see Links.

Domain
hspa.users.membersuite.com
iahcsmm.ps.membersuite.com
verify.myhspa.org
elearning.myhspa.org
process-this.blubrry.net
elearning.iahcsmm.org
iahcsmm.zendesk.com
www.facebook.com
twitter.com
www.linkedin.com
vimeo.com

Subject Issuer	Validity	Valid
myhspa.org Starfield Secure Certificate Authority - G2	`2022-01-04` - `2023-01-04`	a year	crt.sh
ssl1036557.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2022-06-08` - `2022-12-15`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-12` - `2022-11-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-18` - `2023-05-18`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.sk GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
polo.feathr.co R3	`2022-09-16` - `2022-12-15`	3 months	crt.sh
marco.feathr.co Amazon	`2022-08-22` - `2023-09-20`	a year	crt.sh
iahcsmm.zendesk.com Cloudflare Inc ECC CA-3	`2022-09-11` - `2023-09-11`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.myhspa.org/certification/stay-certified.html
Frame ID: FD49582D974DFAC95CEBFE159357D717
Requests: 46 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-3d118a1c2798bf0a2233.js
Frame ID: 777DAD7AC9099546F8F4807091826398
Requests: 10 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-3d118a1c2798bf0a2233.js
Frame ID: 63055B377CAFD822F8B30E6432305420
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Stay Certified - Healthcare Sterile Processing Association (HSPA)

Page URL History Show full URLs

https://u83566.ct.sendgrid.net/ls/click?upn=dEXb4jQwCrgLFa-2FLBqAxeqZsz9Nfw1HjkcXyJ1Dqec-2BaFBZjn3PJHkdEnRz... HTTP 302
https://www.myhspa.org/certification/stay-certified.html Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Page Statistics

66
Requests

100 %
HTTPS

59 %
IPv6

14
Domains

18
Subdomains

16
IPs

5
Countries

2219 kB
Transfer

6002 kB
Size

9
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://hspa.users.membersuite.com/shop/store/browse
Title: Store

Search URL Search Domain Scan URL

URL: https://hspa.users.membersuite.com//auth/portal-login?nextUrl=aHR0cHM6Ly93d3cubXloc3BhLm9yZy9jZXJ0aWZpY2F0aW9uL3N0YXktY2VydGlmaWVkLmh0bWw=&isReverseSSO=true
Title: Login

Search URL Search Domain Scan URL

URL: https://hspa.users.membersuite.com/profile
Title: My Membership

Search URL Search Domain Scan URL

URL: https://iahcsmm.ps.membersuite.com/default.aspx
Title: My Certifications

Search URL Search Domain Scan URL

URL: https://verify.myhspa.org/
Title: Verify Status

Search URL Search Domain Scan URL

URL: https://elearning.myhspa.org/lesson-plans
Title: Lesson Plans

Search URL Search Domain Scan URL

URL: https://elearning.myhspa.org/on-demand-webinars
Title: Webinars

Search URL Search Domain Scan URL

URL: https://process-this.blubrry.net/
Title: Podcast: Process This!

Search URL Search Domain Scan URL

URL: https://elearning.iahcsmm.org/sample-documents
Title: Sample Documents

Search URL Search Domain Scan URL

URL: https://elearning.iahcsmm.org/reference-guides
Title: Reference Guides

Search URL Search Domain Scan URL

URL: https://elearning.iahcsmm.org/lesson-plans
Title: Lesson Plans

Search URL Search Domain Scan URL

URL: https://elearning.iahcsmm.org/on-demand-webinars
Title: Webinars

Search URL Search Domain Scan URL

URL: https://iahcsmm.ps.membersuite.com/Certifications/ViewAllCertifications.aspx
Title: Renew Online

Search URL Search Domain Scan URL

URL: https://iahcsmm.zendesk.com/hc/en-us
Title: Help Center and FAQs

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HSPAssociation

Search URL Search Domain Scan URL

URL: https://twitter.com/myHSPA

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/myhspa

Search URL Search Domain Scan URL

URL: https://vimeo.com/iahcsmm

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u83566.ct.sendgrid.net/ls/click?upn=dEXb4jQwCrgLFa-2FLBqAxeqZsz9Nfw1HjkcXyJ1Dqec-2BaFBZjn3PJHkdEnRzsCy78YogqwqfKeUr0i-2F6Yu5evQg-3D-3D5KyV_bbTnpkV8nill7Mf6KSTMfypQ5-2F5-2BjjlpPs-2Bj6f6CuMsSlp6gbuJVGBDqokznxwetN4eD-2BJC21mHJ31qtTVSB-2BOw8AQjOFkEk9OQksyDQHYRDWI89V6ChoZZmGKIW0HqYIquckg9UlFW-2BMTiyocasPD3Cww9KSEIK63JZzbsr1tC-2FbMcL0pTvkPV8dLoNUIwkGG6Q0w5USWEldC5-2F79SZkBtvmVpuABACecYQ77YQulGsOvyUV9tcCdxvowTc4d37QALjI2xX7gZHWKDY7Pk7ccPV-2Fu0U-2BqW0sGkc2Y50bwURLQS7cGxJ9yk4EfAlGsGG3FXD7z6-2B-2BiK-2BMXOpgU4MaNdL1C4ZBTgS2W83yV-2BDGKXiuoWmpALKVqxVuavQ4o8gkmbexMQZKSb875UCgWgtHd2ksYNaqff0p5YTXZqJlRJ4-2BfBClZJhoZ54f5mVijQrUL9cTfmE0Jjsfn-2BXooyS1qFlcuHnhNlJR5KfTWDxWtENCpuZP6tb3Er9hL3FIRpQ3qKPkHUOlIjcHfPMWOzTIMAd5EQkhOzOIwna-2FTzWNcgN9LCBqQ2XoHoMAjBsDD-2BSFnR5QgNhDmVcWb1o3JTYziGvSg1rqHIpk-2Fb0-2FknKQaLIcCC-2F-2BuqwOISExuOEthfNB8qwQ-2BKtVDlxMIQwSuJfXhjOUhhYT-2BDOSUjjvEIG14wrKYwkGP1P9oHuwvx8fYjL;1 HTTP 302
https://www.myhspa.org/certification/stay-certified.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

66 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request stay-certified.html Show response
www.myhspa.org/certification/
Redirect Chain

https://u83566.ct.sendgrid.net/ls/click?upn=dEXb4jQwCrgLFa-2FLBqAxeqZsz9Nfw1HjkcXyJ1Dqec-2BaFBZjn3PJHkdEnRzsCy78YogqwqfKeUr0i-2F6Yu5evQg-3D-3D5KyV_bbTnpkV8nill7Mf6KSTMfypQ5-2F5-2BjjlpPs-2Bj6f6CuMsS...
https://www.myhspa.org/certification/stay-certified.html

37 KB
9 KB

1352ms
1237ms

Document
text/html

192.124.249.58
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.myhspa.org/certification/stay-certified.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.58 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10058.sucuri.net

Software

nginx /

Resource Hash

590b7171389733cf0b6fc4f7f966373063b391f31488b5108e1e689614add122

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 public
content-encoding: gzip
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Thu, 03 Nov 2022 13:47:15 GMT
expires: Wed, 17 Aug 2005 00:00:00 GMT
last-modified: Thu, 03 Nov 2022 13:47:14 GMT
link: </media/jui/fonts/IcoMoon.woff>; rel=preload; as=font; crossorigin; type="font/woff",</media/gantry5/assets/fonts/fontawesome-webfont.woff2?v=4.7.0>; rel=preload; as=font; crossorigin; type="font/woff2",</media/com_jchoptimize/assets/gz/fa6e3e822e9373a627e75e6371c1f9d044c1457f04e9343f9e44ed60cd28372e.css>; rel=preload; as=style,</media/com_jchoptimize/assets/gz/138c89afb7e8394ae10912b9151b12795a8a118a098a5737eae712c91b41188b.js>; rel=preload; as=script,</templates/rt_denali/custom/images/images/HSPA_LogoHorizontal_RGB.png>; rel=preload; as=image,</images/Certification/CRCST_Image.jpg>; rel=preload; as=image,</images/Certification/CER_Image.jpg>; rel=preload; as=image,</images/Certification/CIS_Image.jpg>; rel=preload; as=image,</images/Certification/CHL_Image.jpg>; rel=preload; as=image,</images/Certification/CCSVP_Image.jpg>; rel=preload; as=image,</images/Education/LessonPlanOrange.png>; rel=preload; as=image,</images/Education/WebinarGreen.png>; rel=preload; as=image,</images/Education/PodcastBlue.png>; rel=preload; as=image
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
pragma: no-cache
server: nginx
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-sucuri-cache: MISS
x-sucuri-id: 19008
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 79
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Nov 2022 13:47:13 GMT
Location: https://www.myhspa.org/certification/stay-certified.html
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H2 200 IcoMoon.woff
www.myhspa.org/media/jui/fonts/ 25 KB
25 KB 82ms
80ms Font
font/woff 192.124.249.58
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.myhspa.org/media/jui/fonts/IcoMoon.woff

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.58 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10058.sucuri.net

Software

nginx /

Resource Hash

6d362fa22342a2d22cbe8d4472d2d11a8d0864310ee2e8e48ede3148465a609d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.myhspa.org/certification/stay-certified.html
Origin: https://www.myhspa.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:15 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 25399
x-xss-protection: 1; mode=block
last-modified: Sun, 14 Aug 2022 20:21:56 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: font/woff
cache-control: max-age=315360000
x-sucuri-id: 19008
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fontawesome-webfont.woff2
www.myhspa.org/media/gantry5/assets/fonts/ 75 KB
76 KB 83ms
81ms Font
font/woff2 192.124.249.58
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.myhspa.org/media/gantry5/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.58 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10058.sucuri.net

Software

nginx /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.myhspa.org/certification/stay-certified.html
Origin: https://www.myhspa.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:15 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Wed, 22 Jun 2022 13:33:09 GMT
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: font/woff2
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19008
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fa6e3e822e9373a627e75e6371c1f9d044c1457f04e9343f9e44ed60cd28372e.css
www.myhspa.org/media/com_jchoptimize/assets/gz/ 431 KB
72 KB 29ms
27ms Stylesheet
text/css 192.124.249.58
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.myhspa.org/media/com_jchoptimize/assets/gz/fa6e3e822e9373a627e75e6371c1f9d044c1457f04e9343f9e44ed60cd28372e.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.58 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10058.sucuri.net

Software

nginx /

Resource Hash

b8562c4e392dd32ece8d7bfddc38a750c5d8d7711e5a330c58d6d5dc8ba01745

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myhspa.org/certification/stay-certified.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:15 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
last-modified: Thu, 03 Nov 2022 08:31:12 GMT
etag: a40cf4002babda044ded83a7bd414cdb
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/css;charset=UTF-8
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19008
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 138c89afb7e8394ae10912b9151b12795a8a118a098a5737eae712c91b41188b.js Show response
www.myhspa.org/media/com_jchoptimize/assets/gz/ 399 KB
140 KB 83ms
82ms Script
text/javascript 192.124.249.58
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.myhspa.org/media/com_jchoptimize/assets/gz/138c89afb7e8394ae10912b9151b12795a8a118a098a5737eae712c91b41188b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.58 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10058.sucuri.net

Software

nginx /

Resource Hash

f1cac5a38ae5ed83e515ba5771b42c3600187a1131147fb3fd49159bd51716f3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myhspa.org/certification/stay-certified.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:15 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
last-modified: Thu, 03 Nov 2022 08:31:12 GMT
etag: 4caee30665d6030857fadb21838c881c
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/javascript;charset=UTF-8
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19008
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 HSPA_LogoHorizontal_RGB.png
www.myhspa.org/templates/rt_denali/custom/images/images/ 11 KB
12 KB 29ms
29ms Image
image/png 192.124.249.58
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.myhspa.org/templates/rt_denali/custom/images/images/HSPA_LogoHorizontal_RGB.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.58 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10058.sucuri.net

Software

nginx /

Resource Hash

cf57d47551d73dd034a1b37b38ef395205989f7cfe245fd2eb44219166c748f8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myhspa.org/certification/stay-certified.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:15 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Thu, 23 Dec 2021 14:14:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19008
accept-ranges: bytes
content-length: 11683
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 CRCST_Image.jpg
www.myhspa.org/images/Certification/ 32 KB
32 KB 27ms
26ms Image
image/jpeg 192.124.249.58
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.myhspa.org/images/Certification/CRCST_Image.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.58 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10058.sucuri.net

Software

nginx /

Resource Hash

565523e1f1e494fc167597e26e01159424027c934bde24d14d41081a16231d06

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myhspa.org/certification/stay-certified.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:15 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Thu, 04 Aug 2022 13:54:35 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19008
accept-ranges: bytes
content-length: 32373
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 CER_Image.jpg
www.myhspa.org/images/Certification/ 28 KB
29 KB 27ms
27ms Image
image/jpeg 192.124.249.58
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.myhspa.org/images/Certification/CER_Image.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.58 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10058.sucuri.net

Software

nginx /

Resource Hash

52759d1fa32c5a916216044caabefe43966e3321d1e3fae8fce6a250d65e39fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myhspa.org/certification/stay-certified.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:15 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Thu, 04 Aug 2022 13:53:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19008
accept-ranges: bytes
content-length: 29086
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 CIS_Image.jpg
www.myhspa.org/images/Certification/ 28 KB
28 KB 45ms
45ms Image
image/jpeg 192.124.249.58
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.myhspa.org/images/Certification/CIS_Image.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.58 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10058.sucuri.net

Software

nginx /

Resource Hash

cb4f9f7b448141808285fd76f23d26b7ff6940f1ad7d1f60c96382c516b2b47e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myhspa.org/certification/stay-certified.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:15 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Thu, 04 Aug 2022 13:53:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19008
accept-ranges: bytes
content-length: 28836
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 CHL_Image.jpg
www.myhspa.org/images/Certification/ 28 KB
28 KB 32ms
27ms Image
image/jpeg 192.124.249.58
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.myhspa.org/images/Certification/CHL_Image.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.58 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10058.sucuri.net

Software

nginx /

Resource Hash

d5353ea242248e0f9afaae697504e6907c63562ae02b4bc79e41b4afe87f3825

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myhspa.org/certification/stay-certified.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:15 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Thu, 04 Aug 2022 13:53:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19008
accept-ranges: bytes
content-length: 28480
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 CCSVP_Image.jpg
www.myhspa.org/images/Certification/ 32 KB
32 KB 32ms
29ms Image
image/jpeg 192.124.249.58
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.myhspa.org/images/Certification/CCSVP_Image.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.58 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10058.sucuri.net

Software

nginx /

Resource Hash

ccebc2527fc5328c717b5ae365da8f5219ac6074e39a3d8cbc24276da00e729a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myhspa.org/certification/stay-certified.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:15 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Thu, 04 Aug 2022 13:53:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19008
accept-ranges: bytes
content-length: 32452
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 LessonPlanOrange.png
www.myhspa.org/images/Education/ 20 KB
20 KB 33ms
30ms Image
image/png 192.124.249.58
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.myhspa.org/images/Education/LessonPlanOrange.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.58 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10058.sucuri.net

Software

nginx /

Resource Hash

59dc7d06b1c1a525087a525ab6cd895859f330972efcaf9c1ffdf143f7f5c5cd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myhspa.org/certification/stay-certified.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:15 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Mon, 29 Mar 2021 19:19:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19008
accept-ranges: bytes
content-length: 20168
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 WebinarGreen.png
www.myhspa.org/images/Education/ 44 KB
44 KB 38ms
35ms Image
image/png 192.124.249.58
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.myhspa.org/images/Education/WebinarGreen.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.58 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10058.sucuri.net

Software

nginx /

Resource Hash

7b1be609ea85b280fd1a747554ee9f69aa2dd864ead7f8d85cf52a0cdd98cad9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myhspa.org/certification/stay-certified.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:15 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Mon, 29 Mar 2021 19:19:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19008
accept-ranges: bytes
content-length: 45005
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 PodcastBlue.png
www.myhspa.org/images/Education/ 21 KB
21 KB 47ms
45ms Image
image/png 192.124.249.58
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.myhspa.org/images/Education/PodcastBlue.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.58 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10058.sucuri.net

Software

nginx /

Resource Hash

0541bd3d69c7396280e8e0cd4e49612e692bc883dae3a8cc72bd2e0db54de436

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myhspa.org/certification/stay-certified.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:15 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Mon, 29 Mar 2021 19:19:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19008
accept-ranges: bytes
content-length: 21217
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 23 KB
7 KB 105ms
46ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=675e3139-1a24-49a8-88f2-a84c4b93ded1

Requested by

Host: www.myhspa.org
URL: https://www.myhspa.org/certification/stay-certified.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myhspa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:15 GMT
x-amz-version-id: TCAqq4sghBBBAAXd3MLZ8Fy8XIds..vO
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: RRE4WXY2G2NQCTKC
age: 3
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: qUonXVm0nLI39VNNyBBSIdF19NZ9N9ym7ecj3bhxuN0InVZ9GcfMrZasRjb734gm7DfKQy75KN4=
last-modified: Thu, 28 Jul 2022 23:44:02 GMT
server: cloudflare
etag: W/"5cae6ce528dce0c327b2bcbaad459fdb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GfThFvp6TI7kJFNFvVLq6R1OdHcAXhM%2F1k6eQwxALRUDlJvgJ5UVCnmhfpUlyD9LAOhvSb7l0RSXtlOZMvjqfcc2c6TkG777XQoQJZCI3KIh9n6%2BRrFWYvy6rCMeNoI%2BImk3YIs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 76458f8d593a995a-FRA

GET
H2 200 main.js Show response
www.myhspa.org/media/gantry5/assets/js/ 60 KB
17 KB 27ms
26ms Script
application/javascript 192.124.249.58
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.myhspa.org/media/gantry5/assets/js/main.js

Requested by

Host: www.myhspa.org
URL: https://www.myhspa.org/certification/stay-certified.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.58 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10058.sucuri.net

Software

nginx /

Resource Hash

79694561bccb05538507cf4d4f5c53b0ee2c51bbedf152a435c3f60cd52cdb2b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myhspa.org/certification/stay-certified.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:15 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 16655
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Jun 2022 13:33:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 19008
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 78ms
22ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.myhspa.org
URL: https://www.myhspa.org/media/com_jchoptimize/assets/gz/138c89afb7e8394ae10912b9151b12795a8a118a098a5737eae712c91b41188b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myhspa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 03 Nov 2022 13:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1881
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 03 Nov 2022 15:15:54 GMT

GET
H2 200 pubads_impl_2022102701.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
128 KB 84ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js

Requested by

Host: www.myhspa.org
URL: https://www.myhspa.org/media/com_jchoptimize/assets/gz/138c89afb7e8394ae10912b9151b12795a8a118a098a5737eae712c91b41188b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58174fa028b2681d2f4ca49c97cca5ec0967c1429ac25487826ccf0e2f8afc0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.myhspa.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 03 Nov 2022 12:48:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3497
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130801
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 08:36:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 03 Nov 2023 12:48:58 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 36 B
686 B 88ms
30ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.myhspa.org

Requested by

Host: www.myhspa.org
URL: https://www.myhspa.org/media/com_jchoptimize/assets/gz/138c89afb7e8394ae10912b9151b12795a8a118a098a5737eae712c91b41188b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87657eccd1d76ab42f44b58a6518d9d85f4864eff7d5212c131a1e2f0573f04a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myhspa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50
x-xss-protection: 0
expires: Thu, 03 Nov 2022 13:47:15 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 96 KB
38 KB 100ms
46ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TC22VVP

Requested by

Host: www.myhspa.org
URL: https://www.myhspa.org/media/com_jchoptimize/assets/gz/138c89afb7e8394ae10912b9151b12795a8a118a098a5737eae712c91b41188b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6343b9c20a6cd538afd2b87caf8700f1ec83e242e5af3195c0773bb81b801a3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myhspa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38851
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 03 Nov 2022 13:47:15 GMT

GET
H2 200 JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq6R9WXh0ow.ttf
fonts.gstatic.com/s/montserrat/v25/ 31 KB
17 KB 110ms
54ms Font
font/ttf 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq6R9WXh0ow.ttf

Requested by

Host: www.myhspa.org
URL: https://www.myhspa.org/media/com_jchoptimize/assets/gz/fa6e3e822e9373a627e75e6371c1f9d044c1457f04e9343f9e44ed60cd28372e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fada59f56dca345a8c6e3f73d980f04f9df1e81e4fb3030a479a8473af01284f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.myhspa.org/
Origin: https://www.myhspa.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 09:41:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17017
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:54:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 09:41:22 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aX8.ttf
fonts.gstatic.com/s/montserrat/v25/ 31 KB
31 KB 135ms
78ms Font
font/ttf 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aX8.ttf

Requested by

Host: www.myhspa.org
URL: https://www.myhspa.org/media/com_jchoptimize/assets/gz/fa6e3e822e9373a627e75e6371c1f9d044c1457f04e9343f9e44ed60cd28372e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb7c49ab264df288e272de8eada58f92d157590b44fa5d3a296803c2c72ec78e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.myhspa.org/
Origin: https://www.myhspa.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 04:39:30 GMT
x-content-type-options: nosniff
age: 205665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31468
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:56:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Nov 2023 04:39:30 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aX8.ttf
fonts.gstatic.com/s/montserrat/v25/ 31 KB
17 KB 87ms
31ms Font
font/ttf 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aX8.ttf

Requested by

Host: www.myhspa.org
URL: https://www.myhspa.org/media/com_jchoptimize/assets/gz/fa6e3e822e9373a627e75e6371c1f9d044c1457f04e9343f9e44ed60cd28372e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0169e4dcdc172069ab64d72f8eb7a3ea2b9289efb71a8ba814ac4e2248963f0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.myhspa.org/
Origin: https://www.myhspa.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 14:32:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16510
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:56:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Nov 2023 14:32:13 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvr73w5aX8.ttf
fonts.gstatic.com/s/montserrat/v25/ 31 KB
16 KB 75ms
34ms Font
font/ttf 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvr73w5aX8.ttf

Requested by

Host: www.myhspa.org
URL: https://www.myhspa.org/media/com_jchoptimize/assets/gz/fa6e3e822e9373a627e75e6371c1f9d044c1457f04e9343f9e44ed60cd28372e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab949d217aeb59201b46ce64934ff23a46fa4ce684db25002d88c15b59e72dff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.myhspa.org/
Origin: https://www.myhspa.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 16:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16638
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:56:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Nov 2023 16:13:49 GMT

GET
H2 200 675e3139-1a24-49a8-88f2-a84c4b93ded1 Show response
ekr.zdassets.com/compose/ 431 B
547 B 301ms
202ms XHR
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/675e3139-1a24-49a8-88f2-a84c4b93ded1

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=675e3139-1a24-49a8-88f2-a84c4b93ded1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65535e311684f5541d6f3ef3e6f6631c6f9454b6bfb7dd7ac6db36c479bfd760

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myhspa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:15 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 764533db5b85bb41-ORD, 764533db5b85bb41-ORD
x-runtime: 0.002306
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"65535e311684f5541d6f3ef3e6f6631c"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zyAyfEn%2BC2U5hoNofLcww0Y1Bdj%2BiaqsigK11XS8M3H0elCaj%2F%2FAG5rmIssNDAuHkNNUBA8I1pVK9V%2Bd0kVElWFJIGQgSs0l7ssGg%2F3GD6sy%2FG%2BG4IV8O7CV2C0Q05xNbY%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
vary: Origin, Accept-Encoding
cf-ray: 76458f8fb8fd929f-FRA

GET
H2 200 above-bg.jpg
www.myhspa.org/images/ 46 KB
46 KB 35ms
31ms Image
image/jpeg 192.124.249.58
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.myhspa.org/images/above-bg.jpg

Requested by

Host: www.myhspa.org
URL: https://www.myhspa.org/media/com_jchoptimize/assets/gz/fa6e3e822e9373a627e75e6371c1f9d044c1457f04e9343f9e44ed60cd28372e.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.58 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10058.sucuri.net

Software

nginx /

Resource Hash

6a5926765e18a8cd800e00d3613739bc9bdbe697131a121fd22969b5930d3413

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myhspa.org/media/com_jchoptimize/assets/gz/fa6e3e822e9373a627e75e6371c1f9d044c1457f04e9343f9e44ed60cd28372e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:15 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Tue, 02 Mar 2021 04:53:04 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19008
accept-ranges: bytes
content-length: 46822
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 BottomImage_v2.jpg
www.myhspa.org/images/ 219 KB
219 KB 78ms
75ms Image
image/jpeg 192.124.249.58
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.myhspa.org/images/BottomImage_v2.jpg

Requested by

Host: www.myhspa.org
URL: https://www.myhspa.org/media/com_jchoptimize/assets/gz/fa6e3e822e9373a627e75e6371c1f9d044c1457f04e9343f9e44ed60cd28372e.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.58 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10058.sucuri.net

Software

nginx /

Resource Hash

770f0032ef865d3340b8daa666311b9b2df76d9262855d739c83baca6f4776d2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myhspa.org/media/com_jchoptimize/assets/gz/fa6e3e822e9373a627e75e6371c1f9d044c1457f04e9343f9e44ed60cd28372e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:15 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Mon, 29 Mar 2021 15:38:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19008
accept-ranges: bytes
content-length: 224027
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aX8.ttf
fonts.gstatic.com/s/montserrat/v25/ 31 KB
16 KB 83ms
81ms Font
font/ttf 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aX8.ttf

Requested by

Host: www.myhspa.org
URL: https://www.myhspa.org/media/com_jchoptimize/assets/gz/fa6e3e822e9373a627e75e6371c1f9d044c1457f04e9343f9e44ed60cd28372e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3549500032014880a5f26801042304db6abd5411a01749ba00c1896eebfe622

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.myhspa.org/
Origin: https://www.myhspa.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 14:32:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16601
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:56:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Nov 2023 14:32:13 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aX8.ttf
fonts.gstatic.com/s/montserrat/v25/ 31 KB
31 KB 85ms
82ms Font
font/ttf 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aX8.ttf

Requested by

Host: www.myhspa.org
URL: https://www.myhspa.org/media/com_jchoptimize/assets/gz/fa6e3e822e9373a627e75e6371c1f9d044c1457f04e9343f9e44ed60cd28372e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bedb5c0eb2e55675ecd496c04f7780adeeadc2a0fef36c335a84724f29812628

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.myhspa.org/
Origin: https://www.myhspa.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 02:30:37 GMT
x-content-type-options: nosniff
age: 126998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31476
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:56:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 02:30:37 GMT

GET
H2 200 JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq5Z9WXh0ow.ttf
fonts.gstatic.com/s/montserrat/v25/ 31 KB
17 KB 89ms
87ms Font
font/ttf 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq5Z9WXh0ow.ttf

Requested by

Host: www.myhspa.org
URL: https://www.myhspa.org/media/com_jchoptimize/assets/gz/fa6e3e822e9373a627e75e6371c1f9d044c1457f04e9343f9e44ed60cd28372e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

832d72cd11b4a37a93c43757cf4deb1d8c648b86fa2093d72ecac0a4e6c1eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.myhspa.org/
Origin: https://www.myhspa.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 07:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17007
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:59:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Nov 2023 07:37:21 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 146ms
26ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.myhspa.org
URL: https://www.myhspa.org/certification/stay-certified.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myhspa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 03 Nov 2022 13:47:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27337
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: +ms/3SeAJ3gUEv6R5CvrTqzxtFAcOPmAoDvLkyODd40SXqRarUoT4KIR1LvnyN+vvmrOrwNMuCnfajtewhP04g==
x-fb-trip-id: 1709462857
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 675e3139-1a24-49a8-88f2-a84c4b93ded1 Show response
ekr.zdassets.com/compose/ 431 B
1 KB 221ms
199ms XHR
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/675e3139-1a24-49a8-88f2-a84c4b93ded1

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=675e3139-1a24-49a8-88f2-a84c4b93ded1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65535e311684f5541d6f3ef3e6f6631c6f9454b6bfb7dd7ac6db36c479bfd760

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myhspa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:15 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 764533db5b85bb41-ORD, 764533db5b85bb41-ORD
x-runtime: 0.002306
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"65535e311684f5541d6f3ef3e6f6631c"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bzPGrbEXAaABYRC%2FUanVv%2FFPiHU4MA5i1o%2BQ2yx0WQg%2F9oBDCJzOt%2Bn6IQ5chxe3TSDNRQo%2FDj4GEdiZ0lLFKPY%2BDIqX4B7AasW7uPt8dwIznB0%2B4sQ8HSaosT%2F87b3KTFQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
vary: Origin, Accept-Encoding
cf-ray: 76458f8fb900929f-FRA

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 36ms
32ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1239445249&t=pageview&_s=1&dl=https%3A%2F%2Fwww.myhspa.org%2Fcertification%2Fstay-certified.html&ul=en-us&de=UTF-8&dt=Stay%20Certified%20-%20Healthcare%20Sterile%20Processing%20Association%20(HSPA)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=2128961474&gjid=781032755&cid=388983956.1667483236&tid=UA-43831247-1&_gid=1584043536.1667483236&_r=1&gtm=2ouav0&z=988586539

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.myhspa.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 13:47:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.myhspa.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 boomerang.min.js Show response
cdn.feathr.co/js/ 170 KB
51 KB 190ms
46ms Script
text/javascript 2606:4700:3037::6815:52a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.feathr.co/js/boomerang.min.js
Requested by: Host: www.myhspa.org
URL: https://www.myhspa.org/certification/stay-certified.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:52a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76b9a976448170b38b6faf85938c0ab814fb9abc10487b06ccfaa75151f251aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myhspa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: SG87A9CAS1BFW92Y
age: 5240
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 3orujgw/X1kfRZ4Y6GGA/BiBkQ1Uw2iM7dvfnb+PK9qRK++qiGFz9IntvK1qFF37aBksZ+hKsbY=
last-modified: Tue, 06 Sep 2022 19:13:33 GMT
server: cloudflare
etag: W/"1c3cc48d83e98f6354bdcb81989deafe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7eeUWhnpzZ7veY9mGoYSnV%2F6d266YZBVdFKSBq6wCgeKYfACJg2BBkppdOBZTsbG2fGRycuDo9YO3HG%2FBCN8Cbn1H%2BnzTnzMlWIN%2Ft9EsdDNIrB8TRXHyfDWPNFlqz7kHIrDz5KyyLieow9d"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 76458f912a056969-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 161ms
27ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-43831247-1&cid=388983956.1667483236&jid=2128961474&gjid=781032755&_gid=1584043536.1667483236&_u=YEBAAUAAAAAAACAAI~&z=353912715

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e8e0475582ab3e866b093f14c52982006a8112d6a2833b0cd999cb8368b0f50d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.myhspa.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 03 Nov 2022 13:47:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.myhspa.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 679409109229010 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 63ms
31ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/679409109229010?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e55d18a6b6570d5f43719bd204cbc6f28ef380fc6d8b6f71ccf8094ac95f67e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myhspa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 03 Nov 2022 13:47:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86025
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Z/SHCcGakWiw34uWYEgbiN0NZgeshfC7xZmbvdMSa1z5FkcL0CavTfJ6GNbp0rWk5M0K98UmxrGktLP6ZfZKiA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 web-widget-framework-3d118a1c2798bf0a2233.js Show response
static.zdassets.com/web_widget/latest/ Frame 777D 151 KB
49 KB 48ms
48ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-3d118a1c2798bf0a2233.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=675e3139-1a24-49a8-88f2-a84c4b93ded1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b105b453329e522f9faa0bf7215519311897b9162a38da61c75448cefb841663

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:16 GMT
x-amz-version-id: DGABZmS_HLmr0OkIATNtJHXvAYbWspsE
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: B4XRB9NWVRVVMYQ8
age: 29142
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: W+7zrxZpwIRbsiX7xMX/+V+0H4RAy56tHCmI4OmDFNhWzWWAewIl07E/vEjDawph70Lt2dVSxkk=
last-modified: Thu, 03 Nov 2022 03:30:25 GMT
server: cloudflare
etag: W/"4e0ec768e1b5323b0c06d0cc3a5c9c2a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9rfh3XP5ele0qFm%2B5tdCSVrHlUnNplnV0fnk1TUEWo7Cv0gtz90utT74sQcHV1q0G%2BjEouSJTFhonk7H5seIQDAVb7kbG3kfbqzvajzK3kGMBb%2FmZmug1oj6vs33uUUteT9FGs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 76458f914885995a-FRA
expires: Fri, 03 Nov 2023 03:30:23 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 94ms
28ms Image
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=679409109229010&ev=PageView&dl=https%3A%2F%2Fwww.myhspa.org%2Fcertification%2Fstay-certified.html&rl=&if=false&ts=1667483236046&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667483236045.287631711&it=1667483235897&coo=false&exp=c1&rqm=GET

Requested by

Host: www.myhspa.org
URL: https://www.myhspa.org/certification/stay-certified.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myhspa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 03 Nov 2022 13:47:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 111ms
59ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-43831247-1&cid=388983956.1667483236&jid=2128961474&_u=YEBAAUAAAAAAACAAI~&z=638249275

Requested by

Host: www.myhspa.org
URL: https://www.myhspa.org/certification/stay-certified.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myhspa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 13:47:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.sk/ads/ 42 B
501 B 113ms
59ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.sk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-43831247-1&cid=388983956.1667483236&jid=2128961474&_u=YEBAAUAAAAAAACAAI~&z=638249275

Requested by

Host: www.myhspa.org
URL: https://www.myhspa.org/certification/stay-certified.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myhspa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 13:47:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web-widget-framework-3d118a1c2798bf0a2233.js Show response
static.zdassets.com/web_widget/latest/ Frame 6305 151 KB
49 KB 62ms
62ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-3d118a1c2798bf0a2233.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=675e3139-1a24-49a8-88f2-a84c4b93ded1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b105b453329e522f9faa0bf7215519311897b9162a38da61c75448cefb841663

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:16 GMT
x-amz-version-id: DGABZmS_HLmr0OkIATNtJHXvAYbWspsE
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: B4XRB9NWVRVVMYQ8
age: 29142
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: W+7zrxZpwIRbsiX7xMX/+V+0H4RAy56tHCmI4OmDFNhWzWWAewIl07E/vEjDawph70Lt2dVSxkk=
last-modified: Thu, 03 Nov 2022 03:30:25 GMT
server: cloudflare
etag: W/"4e0ec768e1b5323b0c06d0cc3a5c9c2a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czpwI4b3mTUiJc%2B0ENmp5V4gGNePMiWhqAKW3I8PG6Y5%2F1IIcumAbtSGjyc84juVETDjwnSIeImWh8s27bM1jluiUZMAyAeCBPY%2BWFb2hy%2FtpQUPLdna%2BWzvQ7eD0GbSH%2BLmtao%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 76458f9168d4995a-FRA
expires: Fri, 03 Nov 2023 03:30:23 GMT

GET
H2 200 integrations Show response
polo.feathr.co/v1/accounts/60d23220965ba150f93ece3b/ 31 B
363 B 409ms
112ms XHR
application/json 3.223.17.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://polo.feathr.co/v1/accounts/60d23220965ba150f93ece3b/integrations

Requested by

Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.223.17.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-223-17-26.compute-1.amazonaws.com

Software

nginx/1.17.8 /

Resource Hash

559382b44a7cb0b397c474fe76532f50b622824e15440784425d1f4a42a991de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myhspa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
server: nginx/1.17.8
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 31

GET
H2 200 refresh
marco.feathr.co/v1/ 43 B
594 B 433ms
333ms Image
image/gif 13.227.153.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marco.feathr.co/v1/refresh
Requested by: Host: www.myhspa.org
URL: https://www.myhspa.org/certification/stay-certified.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.153.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-153-123.muc51.r.cloudfront.net
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myhspa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:16 GMT
via: 1.1 62328e618fde50edd04ce6ae46c1c300.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC51-C1
x-amzn-requestid: 95ded47b-4bc2-448a-a030-5922a7dafd53
x-amzn-trace-id: Root=1-6363c664-34d1f3ed5d0a5f423f1784f1;Sampled=0
access-control-allow-methods: *
content-type: image/gif
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-apigw-id: bBvvuGEsoAMFmTg=
content-length: 43
x-amz-cf-id: X4bbJd-XjiIfl5CH50pCS8J39yBTZuh3iIErQl4tm3oAzrW9sY9-Wg==
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key

GET
H2 200 config Show response
iahcsmm.zendesk.com/embeddable/ Frame 777D 984 B
855 B 278ms
207ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iahcsmm.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3d118a1c2798bf0a2233.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1890c9ea55f6662a778d197c1b63dfb4c0f9551703e3b58130ffafe93c6b47d8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:16 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-65b5664474-hjndt
x-cached: STALE
x-request-id: 764587161ffb9bb2-ORD
x-runtime: 0.001432
last-modified: Thu, 03 Nov 2022 13:37:29 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1XejeLqP5nu6gpGTxUnr9K18nxcN6N6rx2eReQm667DClD6giB0C01g2SNc2hgXKrz5B9Hg4RMHQY9Ca3pbFVLlVfByZ%2FkmY%2FEAFUEUxMEjsf6y8ZwcNtvZ7AuiNDodGE7p59ko%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 76458f926ad7bb37-FRA

GET
H2 200 config Show response
iahcsmm.zendesk.com/embeddable/ Frame 6305 984 B
1 KB 121ms
58ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iahcsmm.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3d118a1c2798bf0a2233.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1890c9ea55f6662a778d197c1b63dfb4c0f9551703e3b58130ffafe93c6b47d8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:16 GMT
content-encoding: br
cf-cache-status: UPDATING
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 587
x-zendesk-origin-server: embeddable-app-server-65b5664474-k9kbl
x-cached: MISS
x-request-id: 7645813c6c59bb47-SEA
x-runtime: 0.001483
last-modified: Thu, 03 Nov 2022 13:37:29 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=btZiN4Lxi8vmohpDAWO1UAmaF2CKa5%2BN7ibK4s51VRosU1B%2FqaDCz1hY7gPyaicAtoI2kCahlUSZYN2ugPp2lTtFeaKxG%2BYwo113vP2jCUg8HUwcRZ9raen52qIW0yeJXMBR4WY%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 76458f927ad9bb37-FRA

GET
H2 200 web-widget-classic-8262d85.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 6305 13 KB
4 KB 51ms
51ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-8262d85.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3d118a1c2798bf0a2233.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3009b30d51d54d2f38352767edb81dff2d8cebb959a8113f2971a7cec854241d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:16 GMT
x-amz-version-id: wz6a7iiHMeoOhXK5vZ7qzIQEBvhPmp5x
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: B4XZHW66GZBX8RZE
age: 29142
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: GkMMsxkhTF5OjiH8Nb4eqjWkvcVoX6ZMXcMsVRW7oakw+U+bp/OiOtMwuihdRIRdUt9uhyLVYbk=
last-modified: Thu, 03 Nov 2022 03:33:08 GMT
server: cloudflare
etag: W/"240f4301c065057931ce34a2ad6eafa0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJ0KjB0VedyjxUHncT8sqVIq056ne16w5pL0IFnKwlRCJTasZpAPTT5RgIMD%2FMrOyYJEvQjfeQgy34kcjr14GRyir7QrM4Vu0zvDdaHjhkKuR046a9o7FLCNf2CSvFM6TDyqVOo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 76458f92db9d995a-FRA
expires: Fri, 03 Nov 2023 03:33:07 GMT

GET
H2 200 web-widget-8165-8262d85.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 6305 663 KB
190 KB 69ms
68ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-8165-8262d85.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-8262d85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbee8bfe903d4ea9f71b1de60e45e2226d77fe1ff3101cb9f0362f20b44fd96a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:16 GMT
x-amz-version-id: Ro8yaqRoD_ED3I6ZLseZpT754cZzZ9s2
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: B4XXPQZYTW4BFDB3
age: 29142
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: SCCioBTSm3IBsU/EzGboMdfeg5E74yX9pDjaazP1M3NqDn+7sZcF8G9bfvJ7qsMUwhfdAkjSwPI=
last-modified: Thu, 03 Nov 2022 03:33:08 GMT
server: cloudflare
etag: W/"d519ea27f763cb6ec80aeec5b45213a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2Bh2fzw5Lsilnhq3OS9eDeyTt6OD0RG%2FlhYFTxn7xZ8Ghfgu6Xzv%2FfvL6AWJSlRIxwWlLgjGo8Uins2QztDqJlJIbD1I5qq0SfttWOvOEldfAZJFQvwCEyvsj8kiWhyVzcdoOQc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 76458f932c65995a-FRA
expires: Fri, 03 Nov 2023 03:33:07 GMT

GET
H2 200 web-widget-5324-8262d85.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 6305 491 KB
108 KB 52ms
52ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-5324-8262d85.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-8262d85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e59ea8d16def715d959d234bd4b6e301d965e714a368043765b198b76be96c3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:16 GMT
x-amz-version-id: SmCuQ7cpSlPaLvzm_2eFEkDHi0Xn0HqF
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: B4XH4P8RT9JF94PM
age: 29142
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: DdXshONSoITrJDNbYbBcttKW9sfmdfTzaZ8AAVsn6onDZYfuuFfBSbv/Bgux8v1Mr+kzJ9c0F2s=
last-modified: Thu, 03 Nov 2022 03:33:08 GMT
server: cloudflare
etag: W/"04170b70b619ed47f6e24aa6c907159f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bE8S%2FaD%2B0G5TPDVYJhvydY3RoFymaNSfBSLNLsLMzHQS3nm%2BAjRAzR3zPcad0PXWNMxJeoyJKkeKtPNtk%2BwIVB7Stzbp19jyknwILkJHLEt63gwYGGRfDdsOMr7JIfRm1fCxtrU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 76458f932c66995a-FRA
expires: Fri, 03 Nov 2023 03:33:07 GMT

GET
H2 200 web-widget-classic-8262d85.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 777D 13 KB
4 KB 45ms
44ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-8262d85.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3d118a1c2798bf0a2233.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3009b30d51d54d2f38352767edb81dff2d8cebb959a8113f2971a7cec854241d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:16 GMT
x-amz-version-id: wz6a7iiHMeoOhXK5vZ7qzIQEBvhPmp5x
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: B4XZHW66GZBX8RZE
age: 29142
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: GkMMsxkhTF5OjiH8Nb4eqjWkvcVoX6ZMXcMsVRW7oakw+U+bp/OiOtMwuihdRIRdUt9uhyLVYbk=
last-modified: Thu, 03 Nov 2022 03:33:08 GMT
server: cloudflare
etag: W/"240f4301c065057931ce34a2ad6eafa0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NAQb15UdanpluDKrIMljnhrOJqaq8%2FEoRZXPkT8PokmoFHcAYifJMBML2n7Ht4S4XNFzhs6YyHWbGRBd6tiiwZnkknlHe5D9v2TLSlBFbFTWOzxJhTBYzOdSiOoDSBnamOZjAfE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 76458f93cdda995a-FRA
expires: Fri, 03 Nov 2023 03:33:07 GMT

GET
H2 200 embeddable_blip Show response
iahcsmm.zendesk.com/ Frame 6305 0
326 B 210ms
209ms XHR
text/plain 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iahcsmm.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJkZS1ERSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZGUtZGUiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC44NyBTYWZhcmkvNTM3LjM2IiwiaXNNb2JpbGUiOmZhbHNlfSwiYWN0aW9uIjoibG9jYWxlTWlzbWF0Y2giLCJjYXRlZ29yeSI6ImxvY2FsZSJ9LCJidWlkIjoiNDEwOGEyNzc2ZDM0NDMzMWE0NmQxZGFiMWI3ODVhMDEiLCJzdWlkIjoiNzFhNjNjZmJiOTkzNGYwYjllZDJmOWQ3NmQ0MGRjZDkiLCJ2ZXJzaW9uIjoiODI2MmQ4NSIsInRpbWVzdGFtcCI6IjIwMjItMTEtMDNUMTM6NDc6MTYuNTU2WiIsInVybCI6Imh0dHBzOi8vd3d3Lm15aHNwYS5vcmcvY2VydGlmaWNhdGlvbi9zdGF5LWNlcnRpZmllZC5odG1sIn0%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3d118a1c2798bf0a2233.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:16 GMT
cf-cache-status: MISS
last-modified: Thu, 03 Nov 2022 13:47:16 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6vadQDeUhhQ042E8xyzSf20c2fzAM4JTj8dGa94Adm6%2ByJt8vqWax%2FrNA03hsiAvcnydKw%2BU2YNkjGpMr5rPZ74VA5Yu%2FerP%2BENKOagUnWA2kioCtzRhAhxbb8hYL%2FvyAZKU2ME%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 76458f949f2cbb37-FRA
content-length: 0
x-request-id: 76458f949f2cbb37-SEA

GET
H2 200 de-de-json-8262d85.js Show response
static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/ Frame 6305 27 KB
7 KB 44ms
44ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/de-de-json-8262d85.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-8262d85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68044eaef1841a02213086348bf81a382b3bee100aa54c7369c947da239a0357

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:16 GMT
x-amz-version-id: K6MXFhDGxd04ZLdVYGYriUFmHOXARvvN
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DAQVBTYXMR45WJ8J
age: 29141
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: D1S8uZfxkOIWHQzDJU5mAXQv/QrLChq6an0kHsqG9QGekfjXFAm7RYkSnYDZ8/f7Mr9aIbSz7rs=
last-modified: Thu, 03 Nov 2022 03:33:09 GMT
server: cloudflare
etag: W/"dee0c6a89a545cab72e7f62ab96b94c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qYmaL8NdlYhj3aO4JtPUmNEXZ4RsjKNXQbGD4BIwvZbRJbwwOHggDazP76LcR5XCU9neSYhCQokdvCDLCZpQEDL6FLAjqdA484bA5hBLyqTomf%2FAd%2BxbIFOufZTzUs0a5P5C9Y8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 76458f94bfea995a-FRA
expires: Fri, 03 Nov 2023 03:33:08 GMT

GET
H2 200 web-widget-8165-8262d85.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 777D 663 KB
190 KB 68ms
67ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-8165-8262d85.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-8262d85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbee8bfe903d4ea9f71b1de60e45e2226d77fe1ff3101cb9f0362f20b44fd96a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:16 GMT
x-amz-version-id: Ro8yaqRoD_ED3I6ZLseZpT754cZzZ9s2
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: B4XXPQZYTW4BFDB3
age: 29142
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: SCCioBTSm3IBsU/EzGboMdfeg5E74yX9pDjaazP1M3NqDn+7sZcF8G9bfvJ7qsMUwhfdAkjSwPI=
last-modified: Thu, 03 Nov 2022 03:33:08 GMT
server: cloudflare
etag: W/"d519ea27f763cb6ec80aeec5b45213a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8PgeqwS%2BFzWPzs5a0Srsh%2BZIcvBZNX6TsNeyqf5qFaWdL42g3x1HQfUv7vqt7KU272hStx9Em%2FfrPecx62wpr6nJPal56vCbIvre0KLub%2FRMxzKrhtvCBotuC0IpXFHB8TzDJMU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 76458f94c800995a-FRA
expires: Fri, 03 Nov 2023 03:33:07 GMT

GET
H2 200 web-widget-5324-8262d85.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 777D 491 KB
108 KB 79ms
79ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-5324-8262d85.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-8262d85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e59ea8d16def715d959d234bd4b6e301d965e714a368043765b198b76be96c3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:16 GMT
x-amz-version-id: SmCuQ7cpSlPaLvzm_2eFEkDHi0Xn0HqF
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: B4XH4P8RT9JF94PM
age: 29142
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: DdXshONSoITrJDNbYbBcttKW9sfmdfTzaZ8AAVsn6onDZYfuuFfBSbv/Bgux8v1Mr+kzJ9c0F2s=
last-modified: Thu, 03 Nov 2022 03:33:08 GMT
server: cloudflare
etag: W/"04170b70b619ed47f6e24aa6c907159f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sokWzQtZus9PDcMXSpkqkyOexZxTcJOjomZLfAjA1exdxIhD3rQAJxOcDXMTGDV6edFOARRxo7wkzJlZ6RIQx7Pp5EqjWyRtj%2BdS2KR3Jqdw72cSLtBuRMnUDH1RFVBCLKAS5dc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 76458f94c805995a-FRA
expires: Fri, 03 Nov 2023 03:33:07 GMT

GET
H2 200 script.js Show response
polo.feathr.co/v1/analytics/match/ 290 B
582 B 339ms
117ms Script
text/javascript 3.223.17.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://polo.feathr.co/v1/analytics/match/script.js?pk=feathr&cb=1667483236589

Requested by

Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.223.17.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-223-17-26.compute-1.amazonaws.com

Software

nginx/1.17.8 /

Resource Hash

bac56a3e14cea31e88edc256047b823c5e94a6779aa4c71b252abbba55967811

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myhspa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
server: nginx/1.17.8
etag: W/"6363c664b9e51900083643fc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: no-cache, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 pixel.js Show response
polo.feathr.co/v1/accounts/60d23220965ba150f93ece3b/ 32 B
397 B 341ms
120ms Script
text/javascript 3.223.17.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://polo.feathr.co/v1/accounts/60d23220965ba150f93ece3b/pixel.js?pk=feathr

Requested by

Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.223.17.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-223-17-26.compute-1.amazonaws.com

Software

nginx/1.17.8 /

Resource Hash

eacfa4f711eaca1336ff82619c8a2d310dec11266d594fbc7e5a91259cebf848

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myhspa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
server: nginx/1.17.8
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=14400
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 32

GET
H2 200 web-widget-chat-sdk-8262d85.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 6305 202 KB
51 KB 40ms
40ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-chat-sdk-8262d85.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-8262d85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83b6f9b5c75ff60e6d4228b0a46fa4c0c80c18dabef5d89534d9c7255e10df35

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:16 GMT
x-amz-version-id: sayXs7zOVVM6rMl6ls8GCrOd3aQu0RSc
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DAQHBPKD9FA2PSSV
age: 29141
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: Wb707C/M5jCvZhwkVOzJo8Emk9+wuyt36dnzBt1uArqxSRgBd9VxuILPAOBFtTMHMbH5Fs/fIn0=
last-modified: Thu, 03 Nov 2022 03:33:08 GMT
server: cloudflare
etag: W/"865d0cd066636165cf7f35fb97a1d90d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pom7PmggncEs%2BcTkS1f%2BIuJrj5HR%2BW91paM%2BUv1NkBEfbtGarO0fgzO1iqE9DQV1Un3shfb9d%2Bw9JknVV0iC0xzXgxTUEdEXTySpYPWjcL5vWeeKxdtVtmHM2D6DqLtcMSg0gm8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 76458f951892995a-FRA
expires: Fri, 03 Nov 2023 03:33:07 GMT

GET
H2 200 embeddable_blip Show response
iahcsmm.zendesk.com/ Frame 777D 0
417 B 203ms
203ms XHR
text/plain 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iahcsmm.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJkZS1ERSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZGUtZGUiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC44NyBTYWZhcmkvNTM3LjM2IiwiaXNNb2JpbGUiOmZhbHNlfSwiYWN0aW9uIjoibG9jYWxlTWlzbWF0Y2giLCJjYXRlZ29yeSI6ImxvY2FsZSJ9LCJidWlkIjoiNDEwOGEyNzc2ZDM0NDMzMWE0NmQxZGFiMWI3ODVhMDEiLCJzdWlkIjoiNzFhNjNjZmJiOTkzNGYwYjllZDJmOWQ3NmQ0MGRjZDkiLCJ2ZXJzaW9uIjoiODI2MmQ4NSIsInRpbWVzdGFtcCI6IjIwMjItMTEtMDNUMTM6NDc6MTYuODI2WiIsInVybCI6Imh0dHBzOi8vd3d3Lm15aHNwYS5vcmcvY2VydGlmaWNhdGlvbi9zdGF5LWNlcnRpZmllZC5odG1sIn0%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3d118a1c2798bf0a2233.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:17 GMT
cf-cache-status: MISS
last-modified: Thu, 03 Nov 2022 13:47:17 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L538G8SX3PtF%2BkWXL8OYitxyvY%2BqLgtzWy9zXzo2Zb4CSzeycNqfnda8OeMQQ4y1ZynK5yKUx01yLT9fyH8yhlejpSXu%2F6iyZtqj%2BxRMQigcoSaifWfYVDcbqOpTP4oUt5KEh1U%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 76458f963b3ebb37-FRA
content-length: 0
x-request-id: 76458f963b3ebb37-SEA

GET
H2 200 de-de-json-8262d85.js Show response
static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/ Frame 777D 27 KB
6 KB 39ms
38ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/de-de-json-8262d85.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-8262d85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68044eaef1841a02213086348bf81a382b3bee100aa54c7369c947da239a0357

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:16 GMT
x-amz-version-id: K6MXFhDGxd04ZLdVYGYriUFmHOXARvvN
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DAQVBTYXMR45WJ8J
age: 29141
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: D1S8uZfxkOIWHQzDJU5mAXQv/QrLChq6an0kHsqG9QGekfjXFAm7RYkSnYDZ8/f7Mr9aIbSz7rs=
last-modified: Thu, 03 Nov 2022 03:33:09 GMT
server: cloudflare
etag: W/"dee0c6a89a545cab72e7f62ab96b94c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N0zXEy2MpF45GSaORxzIKpoe1CTxLyja1qTGv2l%2Bm7aRddagr%2BOAsAfNijTiQHutX7UayRP8MJbOPzbr11kCPU8mVwHzwb83CXEfkMH8n86jwLc6pdYO6z1aNs%2F%2FVSCXI3BREbw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 76458f964aa8995a-FRA
expires: Fri, 03 Nov 2023 03:33:08 GMT

GET
H2 200 web-widget-chat-sdk-8262d85.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 777D 202 KB
51 KB 51ms
50ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-chat-sdk-8262d85.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-8262d85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83b6f9b5c75ff60e6d4228b0a46fa4c0c80c18dabef5d89534d9c7255e10df35

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:16 GMT
x-amz-version-id: sayXs7zOVVM6rMl6ls8GCrOd3aQu0RSc
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DAQHBPKD9FA2PSSV
age: 29141
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: Wb707C/M5jCvZhwkVOzJo8Emk9+wuyt36dnzBt1uArqxSRgBd9VxuILPAOBFtTMHMbH5Fs/fIn0=
last-modified: Thu, 03 Nov 2022 03:33:08 GMT
server: cloudflare
etag: W/"865d0cd066636165cf7f35fb97a1d90d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UijyhmW%2FrJa8d47gXKA0rTDGVJz8Yv18unFwbyPUAgmL%2BntVcWApYlcyeXOJUfDaunaXJgHUrp2ZkCRpPFevTLoJB8nLuj3uSvkKIyVj%2F7EUAJo7wdHinvpAFQRm0jl5IfwET6A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 76458f968b3c995a-FRA
expires: Fri, 03 Nov 2023 03:33:07 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
265 B 144ms
48ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=6363c664b9e51900083643fc&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myhspa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 03 Nov 2022 13:47:17 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 web-widget-chat-incoming-message-notification-8262d85.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 6305 208 B
607 B 48ms
48ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-chat-incoming-message-notification-8262d85.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-8262d85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53be1dac57456d1c758599183b9f5b14c95fe22ea6bc0ee70da5d989ef8a9407

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:17 GMT
x-amz-version-id: 2pATdbQ16Q3O93W4xTB1C7OKv3ovDZQj
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DAQMXVKEKRTVYK6S
age: 29142
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 0201nK6qRqyTuLalizePTv5eOWtFViTcHK3L6NZ4z+6lRnRQWXBbdaACPOSm7zU5R6PSutKlnTA=
last-modified: Thu, 03 Nov 2022 03:33:08 GMT
server: cloudflare
etag: W/"659635f5ad1b6653645380f46aa42236"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSY8O7TO5XAx%2F29ZyCZtmpG9mU1iQAbbIG9pFgc3DJh6BYoXdR0CxlUxw4ieW02pgBzm4AArbgT97xSyZKwbN6UyQvTdQ2NNSvXlLm3Lr8TSsyMKWjpC8nBCrXtGUKSAhJT39V0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 76458f97ad1f995a-FRA
expires: Fri, 03 Nov 2023 03:33:07 GMT

GET
H2 200 script.js Show response
polo.feathr.co/v1/analytics/match/ 290 B
581 B 114ms
114ms Script
text/javascript 3.223.17.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://polo.feathr.co/v1/analytics/match/script.js?pk=feathr&cb=1667483237084

Requested by

Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.223.17.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-223-17-26.compute-1.amazonaws.com

Software

nginx/1.17.8 /

Resource Hash

bac56a3e14cea31e88edc256047b823c5e94a6779aa4c71b252abbba55967811

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myhspa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:17 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
server: nginx/1.17.8
etag: W/"6363c664b9e51900083643fc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: no-cache, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/latest/classic/ Frame 6305 19 KB
20 KB 38ms
38ms Media
audio/mpeg 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/fda6cd35495c75f83508d9d2e77ee33d.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 03 Nov 2022 13:47:17 GMT
x-amz-version-id: ngeCnQamEcRo6kgSgz9pTF5J7hCEPwJW
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: EPY8X9YDY570SGAA
age: 20603796
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: WVW0sQpQKxtjsx0iINkCoae6bdpTd6ZKYq7y3xgTJmp8089rbECdSsKMuL0FO0ENh4HnR2ic4Ug=
last-modified: Wed, 09 Mar 2022 06:43:05 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xI4lCV2wLk2G8%2FnH67cFr0TKzvpyST5im5ihmorIixo88kL77PLIovcUEJ3CM0lKvKo6QqAXJzGqoXJaUWzv6lGKh1T4bgOXbmpgJlrkqAVkMRI4SUoC6bAYAWBYPQx2SJn29r0%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 76458f97fdb6995a-FRA
expires: Thu, 09 Mar 2023 06:43:04 GMT

GET
H2 200 web-widget-chat-incoming-message-notification-8262d85.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 777D 208 B
481 B 50ms
50ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-chat-incoming-message-notification-8262d85.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-8262d85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53be1dac57456d1c758599183b9f5b14c95fe22ea6bc0ee70da5d989ef8a9407

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 13:47:17 GMT
x-amz-version-id: 2pATdbQ16Q3O93W4xTB1C7OKv3ovDZQj
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DAQMXVKEKRTVYK6S
age: 29142
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 0201nK6qRqyTuLalizePTv5eOWtFViTcHK3L6NZ4z+6lRnRQWXBbdaACPOSm7zU5R6PSutKlnTA=
last-modified: Thu, 03 Nov 2022 03:33:08 GMT
server: cloudflare
etag: W/"659635f5ad1b6653645380f46aa42236"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GIND834%2B%2B1RFAIUYe3VYae62MrOlqGeaXib%2FaRdN%2F3mP7SpkpWyQJ9qchyM6%2B%2FTye2z0Up%2FK%2FfH7DUL2xQadtiLfvPQe54pM9n1mjgbAYzwvn9Mt6SItkWV1%2FtH0NvJRfKvXnoo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 76458f989f65995a-FRA
expires: Fri, 03 Nov 2023 03:33:07 GMT

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/latest/classic/ Frame 777D 19 KB
20 KB 50ms
46ms Media
audio/mpeg 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/fda6cd35495c75f83508d9d2e77ee33d.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 03 Nov 2022 13:47:17 GMT
x-amz-version-id: ngeCnQamEcRo6kgSgz9pTF5J7hCEPwJW
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: EPY8X9YDY570SGAA
age: 20603796
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: WVW0sQpQKxtjsx0iINkCoae6bdpTd6ZKYq7y3xgTJmp8089rbECdSsKMuL0FO0ENh4HnR2ic4Ug=
last-modified: Wed, 09 Mar 2022 06:43:05 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xxFsOrA%2FbrKtciGHIx1gLCYcuKoL4sqRcn2RJ7QR9DvMiKiTuBzH0IdGM58V6cmONAlpdJ2twq8JItDrlszDLKQJ45z9o768DJNeSKxUG5RjO1WHAT6LVSsznCs6R5xOXR9TrMg%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 76458f98f818995a-FRA
expires: Thu, 09 Mar 2023 06:43:04 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 59ms
28ms Image
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=679409109229010&ev=Microdata&dl=https%3A%2F%2Fwww.myhspa.org%2Fcertification%2Fstay-certified.html&rl=&if=false&ts=1667483237586&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Stay%20Certified%20-%20Healthcare%20Sterile%20Processing%20Association%20(HSPA)%22%2C%22meta%3Akeywords%22%3A%22Central%20Service%2C%20Sterile%20Processing%2C%20Medical%2FSurgical%20instrument%20cleaning%2Fdecontamination%2C%20Medical%2FSurgical%20instrument%20sterilization%2C%20Medical%2FSurgical%20Instrument%20disinfection%2C%20Central%20Service%20certification%2C%20Central%20Service%20continuing%20education%2C%20HSPA%20Annual%20Conference%20%26%20Expo%2C%20HSPA%20lesson%20plans%2C%20Patient%20safety%2Finfection%20prevention%2C%20Purdue%20University%2C%20Medical%20supply%20management%20and%20distribution%2C%20CS%20legislation%2C%20CS%20technician%20and%20CS%20manager%20training%2C%20HSPA%20membership%20offerings%22%2C%22meta%3Adescription%22%3A%22HSPA%20provides%20education%2C%20advocacy%2C%20certification%2C%20and%20support%20for%20Sterile%20Processing%20(SP)%20professionals.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1667483236045.287631711&it=1667483235897&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myhspa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 03 Nov 2022 13:47:17 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.myhspa.org/	1969-12-31 23:59:59	Name: f96f9bc1d5e11647ad462c7b448a2f38 Value: bccc9c196ee104086e099606155fb7da
.myhspa.org/	1970-01-20 16:47:23	Name: _ga Value: GA1.2.388983956.1667483236
.myhspa.org/	1970-01-20 07:12:49	Name: _gid Value: GA1.2.1584043536.1667483236
.myhspa.org/	1970-01-20 07:11:23	Name: _gat_gtag_UA_43831247_1 Value: 1
.myhspa.org/	1970-01-20 09:20:59	Name: _fbp Value: fb.1.1667483236045.287631711
.www.myhspa.org/	1970-01-20 07:11:26	Name: feathr_session_id Value: 6363c664ef7fe3dba77827f0
.feathr.co/	1970-01-20 15:56:59	Name: f_id Value: 6363c664b9e51900083643fc
widget-mediator.zopim.com/	1970-01-20 07:21:28	Name: AWSALBCORS Value: S0cGIKh5/c6HuiPnh2n9JvOh1Z4LlQxl9suNKYHHF4JQq1YUa5neuN1833EAKtMhesUb+dkvgmOvX2nDL5QZeiC7qD3TmyfqrniJ+hqUnv6tvMHLqb/DN8d+Zt9b
.myhspa.org/	1970-01-20 15:56:59	Name: __zlcmid Value: 1CllLhG8uKX5pFS

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.myhspa.org/media/com_jchoptimize/assets/gz/138c89afb7e8394ae10912b9151b12795a8a118a098a5737eae712c91b41188b.js(Line 70) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.myhspa.org/media/com_jchoptimize/assets/gz/138c89afb7e8394ae10912b9151b12795a8a118a098a5737eae712c91b41188b.js(Line 70) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.feathr.co
connect.facebook.net
ekr.zdassets.com
fonts.gstatic.com
iahcsmm.zendesk.com
marco.feathr.co
match.adsrvr.org
polo.feathr.co
securepubads.g.doubleclick.net
static.zdassets.com
stats.g.doubleclick.net
u83566.ct.sendgrid.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.sk
www.googletagmanager.com
www.myhspa.org
104.16.51.111
104.18.70.113
13.227.153.123
167.89.115.54
192.124.249.58
2606:4700:3037::6815:52a3
2a00:1450:4001:800::2003
2a00:1450:4001:806::2003
2a00:1450:4001:827::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2008
2a00:1450:400c:c08::9d
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f145:82:face:b00c:0:25de
3.223.17.26
52.223.40.198
0169e4dcdc172069ab64d72f8eb7a3ea2b9289efb71a8ba814ac4e2248963f0b
0541bd3d69c7396280e8e0cd4e49612e692bc883dae3a8cc72bd2e0db54de436
1890c9ea55f6662a778d197c1b63dfb4c0f9551703e3b58130ffafe93c6b47d8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3009b30d51d54d2f38352767edb81dff2d8cebb959a8113f2971a7cec854241d
52759d1fa32c5a916216044caabefe43966e3321d1e3fae8fce6a250d65e39fe
53be1dac57456d1c758599183b9f5b14c95fe22ea6bc0ee70da5d989ef8a9407
559382b44a7cb0b397c474fe76532f50b622824e15440784425d1f4a42a991de
565523e1f1e494fc167597e26e01159424027c934bde24d14d41081a16231d06
58174fa028b2681d2f4ca49c97cca5ec0967c1429ac25487826ccf0e2f8afc0f
590b7171389733cf0b6fc4f7f966373063b391f31488b5108e1e689614add122
59dc7d06b1c1a525087a525ab6cd895859f330972efcaf9c1ffdf143f7f5c5cd
6343b9c20a6cd538afd2b87caf8700f1ec83e242e5af3195c0773bb81b801a3b
65535e311684f5541d6f3ef3e6f6631c6f9454b6bfb7dd7ac6db36c479bfd760
68044eaef1841a02213086348bf81a382b3bee100aa54c7369c947da239a0357
6a5926765e18a8cd800e00d3613739bc9bdbe697131a121fd22969b5930d3413
6d362fa22342a2d22cbe8d4472d2d11a8d0864310ee2e8e48ede3148465a609d
76b9a976448170b38b6faf85938c0ab814fb9abc10487b06ccfaa75151f251aa
770f0032ef865d3340b8daa666311b9b2df76d9262855d739c83baca6f4776d2
79694561bccb05538507cf4d4f5c53b0ee2c51bbedf152a435c3f60cd52cdb2b
7b1be609ea85b280fd1a747554ee9f69aa2dd864ead7f8d85cf52a0cdd98cad9
7e55d18a6b6570d5f43719bd204cbc6f28ef380fc6d8b6f71ccf8094ac95f67e
832d72cd11b4a37a93c43757cf4deb1d8c648b86fa2093d72ecac0a4e6c1eef2
83b6f9b5c75ff60e6d4228b0a46fa4c0c80c18dabef5d89534d9c7255e10df35
87657eccd1d76ab42f44b58a6518d9d85f4864eff7d5212c131a1e2f0573f04a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
ab949d217aeb59201b46ce64934ff23a46fa4ce684db25002d88c15b59e72dff
b105b453329e522f9faa0bf7215519311897b9162a38da61c75448cefb841663
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b8562c4e392dd32ece8d7bfddc38a750c5d8d7711e5a330c58d6d5dc8ba01745
bac56a3e14cea31e88edc256047b823c5e94a6779aa4c71b252abbba55967811
bedb5c0eb2e55675ecd496c04f7780adeeadc2a0fef36c335a84724f29812628
c3549500032014880a5f26801042304db6abd5411a01749ba00c1896eebfe622
c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2
cb4f9f7b448141808285fd76f23d26b7ff6940f1ad7d1f60c96382c516b2b47e
cb7c49ab264df288e272de8eada58f92d157590b44fa5d3a296803c2c72ec78e
ccebc2527fc5328c717b5ae365da8f5219ac6074e39a3d8cbc24276da00e729a
cf57d47551d73dd034a1b37b38ef395205989f7cfe245fd2eb44219166c748f8
d5353ea242248e0f9afaae697504e6907c63562ae02b4bc79e41b4afe87f3825
dbee8bfe903d4ea9f71b1de60e45e2226d77fe1ff3101cb9f0362f20b44fd96a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59ea8d16def715d959d234bd4b6e301d965e714a368043765b198b76be96c3a
e8e0475582ab3e866b093f14c52982006a8112d6a2833b0cd999cb8368b0f50d
eacfa4f711eaca1336ff82619c8a2d310dec11266d594fbc7e5a91259cebf848
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1cac5a38ae5ed83e515ba5771b42c3600187a1131147fb3fd49159bd51716f3
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
fada59f56dca345a8c6e3f73d980f04f9df1e81e4fb3030a479a8473af01284f

www.myhspa.org Open in urlscan Pro 192.124.249.58 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

100 %HTTPS

59 %IPv6

14 Domains

18 Subdomains

16 IPs

5 Countries

2219 kBTransfer

6002 kBSize

9 Cookies

18 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.myhspa.org Open in urlscan Pro
192.124.249.58 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

100 %
HTTPS

59 %
IPv6

14
Domains

18
Subdomains

16
IPs

5
Countries

2219 kB
Transfer

6002 kB
Size

9
Cookies

66 HTTP transactions
0 data transactions